Telcos, ISPs critical to data privacy and protection — NPC

Share on facebook
Share on twitter
Share on linkedin
Share on email

Telecommunications companies and Internet service providers (ISPs) are critical industry segments that need to comply with the Data Privacy Act of 2012 (DPA), the government said during the first general assembly of Data Protection Officers (DPO), the third in a series for several industries.

Executives of the National Privacy Commission and data protection officers pose for a photo during an assembly.
Executives of the National Privacy Commission and data protection officers pose for a photo during an assembly.

This was underscored by National Privacy Commission (NPC) chief Raymund Liboro, who added that most data that traverse telco and Internet providers? networks is personal data, which telcos and ISPs are required to protect under the DPA.

?Personal data is not limited to email and voice communications, most users are not aware that before a conversation can happen over telecommunications networks, they have to provide their personal data — starting with their phone numbers, then the IMSI number of their SIM cards, the IMEI number and the MAC address of their device. Networks also geo-tag users? location based on the which cell site or street cabinet they used,? Liboro said during the event.

?That is just a voice conversation, subscriber activity within telco and ISP networks generate volumes of personal data as well,? he said.

Titled DPO3, the event is the third in a series of industry sector-targeted DPO general assemblies. The first two were for government, and the banking and financial services sector. DPO3 was organized by the NPC in cooperation with the Philippine Chamber of Telecommunication Operators (PCTO).

According to Roy Ibay, vice president of PCTO, ?After government, telcos are the largest processors of personal data, and as such, we need to be the vanguards of data protection and privacy, it should not be treated as a burdensome compliance task, but instead, should be inherent in our operations and adds value to our organizations, ensuring competitiveness in a dynamic industry.?

It was also announced at the event that the registration of personal information controllers (PIC) and DPOs is still on September 9, 2017, while the deadline for the online-registration of Data Processing Systems (DPS) will commence on January 2018 and will have a deadline of March 8, 2018.

Facebook Comments

Join Our Newsletter! Zero spam, unsubscribe anytime!

Latest Posts